| From: | Joris Dobbelsteen <joris(at)familiedobbelsteen(dot)nl> |
|---|---|
| To: | Richard Huxton <dev(at)archonet(dot)com> |
| Cc: | Sergey Konoplev <gray(dot)ru(at)gmail(dot)com>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Referential integrity vulnerability in 8.3.3 |
| Date: | 2008-08-14 09:14:25 |
| Message-ID: | 48A3F771.6080500@familiedobbelsteen.nl |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Richard Huxton wrote, On 15-Jul-2008 15:19:
> Sergey Konoplev wrote:
>> Yes it is. But it the way to break integrity cos rows from table2
>> still refer to deleted rows from table1. So it conflicts with
>> ideology isn't it?
>
> Yes, but I'm not sure you could have a sensible behaviour-modifying
> BEFORE trigger without this loophole. Don't forget, ordinary users can't
> work around this - you need suitable permissions.
>
> You could rewrite PG's foreign-key code to check the referencing table
> after the delete is supposed to have taken place, and make sure it has.
> That's going to halve the speed of all your foreign-key checks though.
I did long ago.
For this to work you need to bypass the MVCC rules (to some extend). You
CANNOT do this with SQL statements, as there is no infrastructure for this.
For now you are bound to native foreign keys or triggers written in C
using (unsupported?) functions.
- Joris
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Tom | 2008-08-14 09:44:33 | Re: pg_restore fails on Windows |
| Previous Message | Александр Чешев | 2008-08-14 08:21:26 | PostgreSQL arrays and DBD |